SSL Certificate
數位憑證是網路安全的主幹。
安全通訊協定（SSL）憑證（有時稱為數位憑證）可為瀏覽器或電腦和伺服器或網路之間建立加密連結。在每次會話時（session）時，SSL 連結可保護信用卡資訊等交換機密資料不會遭到非授權方攔截。
 

創建安全連接
SSL 是建立加密連結的標準安全技術 — 以下是它的運作原理。
有一種終端使用者看不見的程序叫做「SSL 握手」（SSL handshake），可在網路伺服器和瀏覽器之間創造安全連結。它以三把金鑰打造一個對稱式會話金鑰，再以此加密所有傳輸資料。

1. 伺服器傳送自己的對稱式公開金鑰發送給瀏覽器。
2. 瀏覽器創造一個對稱會話金鑰，並以伺服器的對稱式公開金鑰加密，然後發送給伺服器。
3. 伺服器用自己的對稱式私密金鑰解密加密的會話金鑰，以便取得對稱式會話金鑰。
4. 伺服器和瀏覽器現在都以對稱式會話金鑰加密並解密所有傳輸的資料。這個程序可以保障通道安全，因為只有這對瀏覽器和伺服器知道它們的對稱式會話金鑰，而這組會話金鑰只可用於這一段會話。若是瀏覽器隔日再連接同一部伺服器，則需要再產生一副新的會話金鑰。

為您的網站訪問者和企業建立信任和在線安全性

• Encrypt sensitive data
• Activate HTTPS and the lock icon 
• Comply with PCI standards
• Prove legitimacy
• Strengthen brand identity
• Increase SEO rank

Basic TLS/SSL Certificates

系統需求

Technical Specifications

• Standard X.509 certificates
• Symmetric 256-bit encryption
• RSA public-key SHA-2 algorithm (supports hash functions: 256, 384, 512)
• ECC public-key cryptography (supports hash functions: 256 and 384)
• Unlimited server licensing
• Supports 2048-bit public key encryption (3072-bit and 4096-bit available)

版本比較

Business TLS/SSL Certificates

Norton Secured™ seal
Improve conversion rates with the Norton Secured seal, proven to be the most well-recognized symbol for online security.

Priority Support
Exclusively for DigiCert Secure Site customers, reach our experts any day at any time with a dedicated concierge phone line, and 24/7/365 email and live chat.

Priority Validation
Skip the queue. DigiCert Secure Site customers get exclusive rights to and get the fastest validation experience available.

Million Warranty
In the event a certificate-related failure causes your customer damage or financial loss, you’ll be covered by a relying-party warranty.

DigiCert CertCentral
The best certificate demands the best platform. Management from installation to renewal, with tools to discover and analyze all your certificates across your networks.

系統需求

Technical Specifications

• X.509 format Certificate meets software & industry standards
• Symmetric 256-bit encryption
• Unlimited server licensing
• Supports 2048-bit public key encryption (3072-bit and 4096-bit available)
• Free reissues and replacements for the lifetime of the certificate

版本比較

Code Signing Certificates
Protect users from downloading compromised software,
prevent tampering, and provide the trusted assurance of 
authentication by using a digital signature.

Code Signing Certificates are used by software developers to digitally sign apps, drivers, and software programs as a way for end-users to verify that the code they receive has not been altered or compromised by a third party. They include your signature, your company’s name, and if desired, a timestamp.
Code Signing Certificates ensure that users won’t receive a warning message at installation or start-up and are ideal for securing:

Document Signing Certificates
Improve security, increase the speed of business, and securely sign documents in Adobe, Microsoft, and other programs.

Secure, Authenticated Signatures with a Single Click
Document Signing certificates allow individuals, teams, and organizations to add an electronic, digital signature to a document in a variety of file formats to prove ownership. The digital signature is an encrypted hash of your message that can only be decrypted by someone who has a copy of your public key, which ensures:

• Document stays unchanged
• Sender's identity confirmed
• Sensitive information protected

Client Certificates
Prove identity and digitally sign or encrypt email 
communications using these highly versatile certificates.

Client certificates, also called personal ID certificates,are used to verify identity for an individual.

• Allows access to specific applications, websites, or interfaces, as well as devices like laptops and cellphones
• Digitally signs and encrypts email using the S/MIME protocol, which verifies the sender and even prevents tampering
• Provides enhanced security measures in case usernames and passwords are misplaced or stolen

FBCA Certificates & Direct Messaging
Gain the ability to transfer records to federal agencies and fortify your entire network for Direct messaging exchange.
Any organization exchanging healthcare information with a federal agency must use certificates cross-signed by the Federal Bridge Certification Authority (FBCA). All of our FBCA certificates are trusted by federal agencies and guarantee interoperability, allowing you to safely exchange messages.

Increase Identity Assurance with FBCA or NIST LoA 3 Certificates
Meet compliance standards to correspond with U.S. federal agencies
and gain the ability to issue Electronic Prescriptions of Controlled Substances (EPCS).
Both FBCA and NIST LoA 3 are established standards. Digital signatures in these types of certificates show an end-user that the identity of the individual named in the certificate is verified and is trustworthy. We can help you with multiple levels of assurance, including FBCA Basic, FBCA Medium, and NIST LoA 3.

What is Direct Messaging for Healthcare?
Direct messaging is the national encryption standard for sending healthcare records over the internet. It allows Health Information Service Providers (HISPs) across the U.S. to exchange patient records securely and mitigate risks that come from transferring records over unprotected channels, like traditional email.

• Stronger security for patient data
• Guards PHI
• Streamlined standards for providers
• Improves workflows
• Enhances communication

 Wi-Fi Certificates
Increase trust in public hotspots, protect user data, and streamline the registration process using Wi-Fi Alliance-approved OSU certificates.

A Wi-Fi Certificate protects the registration process and encrypts log-in credentials when connecting to public Wi-Fi, ultimately providing secure network access and increasing trust in public hotspots and sign-up services.

• Authenticates sign-up service providers
• Encrypts user data during the sign-up process and communication between a mobile device and OSU server
• Ensures that a user is communicating with the intended
• service provider

Custom Certificate Profiles
Work with experienced PKI engineers to develop templates for every certificate type specific to your cloud-based PKI.

Certificate profiles define every parameter associated with a specific certificate. Issuing CAs use profiles customized to each organization based on their expected use and anticipated security concerns.

• Authentication method 
• Certificate defaults 
• Profile constraints
• Certificate outputs

Device Certificates
Verify identity, encrypt communications, and protect home networks for all your internet-connected devices before and after manufacturing.

What are Device Certificates?
Proper authentication and encryption are a critical component of securing connected devices.
A device certificate creates an identity for each “thing” in an IoT ecosystem, making sure each device authenticates as it connects, and protects communication between devices.

Why Device Communications Need Protection
Certificates mitigate risk for users and safeguard systems.
With thousands of unsecured devices connecting to the internet each day, private data communicated between devices are a prime attack point for hackers. Properly implemented, a Public Key Infrastructure (PKI) security solution provides strong device identity and encryption for in-transit data, and protects devices and networks from exploits.